<?
ini_set("memory_limit", "1000M"); 
//phpinfo();
include "config.php";

if(TRANSFER_KEY != $_POST['transferKEY']){echo "Your access is forbidden. Thank you."; exit;}

$filecode = $_POST['filecode'];
$album = $_POST['album'];
$fullpath = $_POST['fullpath'];
$uid = $_POST['uid'];
$username = $_POST['username'];
$password = $_POST['password'];
$tags = $_POST['tags'];
$status = $_POST['status'];
if(strlen($status) < 2){$status="public";}

$sql = mysql_query("select id from filebin_users where user_name='".$loc->db_cmp($username)."' and pass_word='".$loc->db_in($password)."'");
$resEx = mysql_fetch_array($sql);
echo mysql_error();
if($resEx['id'] != $uid){echo "Your access is forbidden. Thank you."; exit;}
if(!$resEx['id']){echo "Your access is forbidden. Thank you."; exit;}


$filename = $_FILES['fisier_incarcat']['name'];
$type = $_FILES['fisier_incarcat']['type'];
$size = $_FILES['fisier_incarcat']['size'];
$tmp_name = $_FILES['fisier_incarcat']['tmp_name'];
$error = $_FILES['fisier_incarcat']['error'];
$filenameArr = explode("." , $filename);
$ext = $filenameArr[count($filenameArr)-1];
$destApp = UPLOAD_DIR . $filecode;
// . "." . $ext

if($error == 0){
	//First upload file
	move_uploaded_file($tmp_name , $destApp);

	//Now create the thumbnail IF it does not exist and IF it is an image file.
	$typeArr = explode("/" , $type);
	$imgDat = @getimagesize($destApp);
	$dest = TEMP_THUMBS_DIR . $filecode . ".jpg";
	
	if($imgDat[0] > 800 || $imgDat[1] > 800){
		$sz = 800;
	}else{
		$sz = -1;
	}

	if($imgDat[0] > THUMB_SIZE || $imgDat[1] > THUMB_SIZE){
		$szTH = THUMB_SIZE;
	}else{
		$szTH = -1;
	}

	if($typeArr[0] == "image" && $typeArr[1] != "psd" && $typeArr[1] != "eps" && $imgDat != false){

		if(!is_file(THUMBS_DIR . $filecode)){
			thumb($destApp , $szTH , THUMBS_DIR . $filecode.".jpg" , 100);
		}

		if(!is_file($dest)){
			thumb($destApp , $sz , $dest , 100);
		}

		unlink ($destApp);
	}


	mysql_query("insert into filebin_files (tags,status,uid,error,album,filename,filecode,size,type,date) values ('".$loc->db_in($tags)."' , '".$loc->db_in($status)."' , '".$loc->db_in($resEx['id'])."' , '".$error."' , '".$loc->db_in($album)."' , '".$loc->db_in($filename)."' , '".$loc->db_in($filecode)."' , '".$size."' , '".$type."' , '".time()."')");

}
//echo mysql_error();
?>
